CVE-2024-9474

PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface

CVSS 6.9 MEDIUM | EPSS 94.8% | KEV | CWE-78
In short

A Palo Alto Networks PAN-OS administrator can perform actions with root-level privileges through the web management interface, bypassing normal permission restrictions. This allows an admin to gain unauthorized elevated access to the firewall system.

Technical detail

A privilege escalation vulnerability in the PAN-OS web management interface allows an authenticated administrator to execute arbitrary actions with root privileges. Exploitation requires valid admin credentials and access to the management interface, and results in complete system compromise beyond the attacker's assigned role permissions.

Summary generated and translated by AI from the official description.
A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
